Table of Contents

In this tutorial we will secure SSH by disabling root logon and logon with a password. We will then enable sudo logging giving us the ability to replay a users session.

Prerequisites

I will be using two Ubuntu vagrant machines however this should work on must systems with ssh and sudo. Keep in mind the paths and files may differ across different systems.

Step 1: Create RSA Keys

The first step is to generate the RSA key pair.

ssh-keygen -t rsa

You will be asked where to keep the keys and for a passphrase. I recommend leaving the path to the files the default path. As for the passphrase it does add extra security as well as an extra step.

Step 2: Give Remote Host Public RSA Key

We want the remote host to be able to use our key so we need to give it the public RSA key we just created. If you changed the file path go there for your keys other wise they are located at ~/.ssh/idrsa.pub.

Copy the contents of this file and add it to the remote hosts authorizedkeys.